AWS Solutions Architect · San Antonio, TX

Michael Groff

Building serverless, scalable, cost-optimized platforms on AWS for SMB to enterprise; serverless-first, IaC everything, security by default.

Currently Sr. Solutions Architect @ AllCloud · 12+ yrs cloud & hybrid infrastructure

Happy at AllCloud; interesting conversations welcome.

About Me

I'm an AWS Sr. Solutions Architect at AllCloud, helping customers land on AWS the right way; serverless-first, IaC everything, security by default.

My background is ops (Rackspace Windows Admin → AWS Cloud Support Engineer → AWS Architect), which shapes how I think about what gets deployed: it has to run at 2 a.m. on a Sunday without anyone waking up.

Off the clock

  • Native Texan from Bandera, TX
  • Married to a Texas public school teacher
  • Father of two daughters
  • Fur-father of three; two Huskies and one standard-issue cat
  • Based in San Antonio, TX
  • Avid tech enthusiast

Top 5 CliftonStrengths

#1 Input

A need to collect and archive; information, ideas, artifacts, even relationships.

#2 Achiever

Work hard with great stamina; immense satisfaction from being busy and productive.

#3 Adaptability

Prefer to go with the flow; take things as they come and discover the future one day at a time.

#4 Learner

Continuous desire to learn and improve; the process excites more than the outcome.

#5 Positivity

Contagious enthusiasm; naturally upbeat, energizes others.

Gallup's CliftonStrengths assessment has been a good lens for how I collaborate and pick problems worth solving.

Skills & Stack

Things I use regularly enough to have opinions about. Recruiters can `⌘F` freely.

AWS

Primary cloud. Daily driver.

Lambda · API Gateway · S3 · CloudFront · DynamoDB · EventBridge · SQS / SNS · Step Functions · CloudWatch · Cost Explorer · Trusted Advisor · IAM · Route 53 · ACM · WAF · VPC · EC2 · ECS / Fargate

Infrastructure as Code

Everything deployable via pull request.

AWS CDK (TypeScript) · SST · Pulumi · Terraform · CloudFormation

Languages

Write, review, and refactor comfortably.

TypeScript · Python · Bash · PowerShell

Patterns & Practices

How I like to build.

Serverless-first · Event-driven · API design · Streaming · Microservices · Blue/green deploys · CI/CD automation · GitOps · Well-Architected Framework · Disaster Recovery · Cost optimization

Specializations

Industries and focus areas I've spent real time in.

On Prem -> Cloud migrations · Cloud -> Cloud migrations · Platform / app modernization · Greenfield cloud deployments · Hybrid: AWS, Azure, on-prem · DoD / Federal (IL4, FedRAMP) · Generative AI integration · Security posture reviews

CI/CD & GitOps

Pipelines that ship; declarative delivery into Kubernetes.

GitHub Actions · GitLab CI · CircleCI · ArgoCD · FluxCD · Helm · Kustomize

Monitoring & Observability

Knowing what production is doing right now.

CloudWatch · Datadog · New Relic · Prometheus · Grafana

Configuration Management

Server-side state, agent-driven.

Ansible · Chef · Puppet

Platforms & Tools

OS, virtualization, and adjacent tools I reach for often.

Linux · Windows Server · VMware · Hyper-V · KVM · Docker · Kubernetes · Git / GitHub · CloudFlare

Depth varies; some are daily tools, others are things I've shipped to production and can speak to with real opinions. Happy to go deep on any of them.

Experience

AllCloud
Remote, based in San Antonio, TX
allcloud.io
May 2024 – Present
  • Architect AWS platforms for customers ranging from startups to enterprise, defaulting to serverless (Lambda, API Gateway, EventBridge, SQS/SNS, DynamoDB, Step Functions) when the workload allows.
  • Lead pre-sales discovery, reference-architecture design, and executive presentations that translate business outcomes into buildable cloud systems and help close the engagement.
  • Own end-to-end cloud migrations — assessment through blue/green cutover — using CI/CD pipelines and CloudFormation / Terraform to shorten downtime windows.
  • Integrate generative-AI services (Bedrock, SageMaker) into customer workflows for document processing, decision automation, and predictive analytics.
  • Run cost-optimization engagements across CloudWatch, Trusted Advisor, Cost Explorer, and third-party tools; surface workload right-sizing, Savings Plans, and anomaly remediation.
  • Harden customer environments against the AWS Well-Architected Framework, emphasizing IAM boundaries, VPC segmentation, and GuardDuty / WAF posture.
  • Mentor customer engineering teams on cloud-native patterns and IaC so they own the platform after engagement end.

See the blog archive for technology write-ups from 2015–2020 (read-only).

Letters of recommendation and contact information for all previous employers available upon request.

Education

Texas State University · San Marcos

Bachelor of Arts

School of Journalism & Mass Communication

A Journalism degree turned out to be training for writing design docs that people actually read.

Dean's List

Recognition across multiple semesters.

Intramural sports

Football and softball through school.

Bobcat Build

Student community service; Student Volunteer Connection.

The University Star

Student journalist for the university newspaper.

SAN MARCOS, TX · Eat 'Em Up Cats

Certifications

Spans Dell / VMware partner enablement in 2017 through current AWS proctored exams and AWS training badges.

About this site

WordPress → Next.js on AWS

The previous version of this site was a 2015-era WordPress install on The7 theme. This rewrite is its opposite: no server, no plugins, no database. Infrastructure is code. Deploys are a git push.

| Aspect | WordPress (old) | Next.js + AWS (new) |
| --- | --- | --- |
| Monthly cost | BlueHost unlimited plan (shared across ~30 sites) | Pennies per month (this site alone; actual numbers pending a few weeks of traffic) |
| First-load time | 3 to 4 s | < 1 s |
| Security posture | Theme + plugin patch treadmill | Zero server; signed OAC; managed TLS |
| Update workflow | FTP or wp-admin clickops | git push; Actions handles the rest |
| Infra definition | None (clickops) | AWS CDK in TypeScript |

Design trade-offs

  • CloudFlare for DNS instead of Route 53; keeps this project single-account and lets me skip cross-account delegation. Trade-off: ACM validation needs a manual CNAME.
  • No WAF; saves ~$5/mo and a portfolio site doesn't warrant managed-rules cost.
  • OAC, not OAI; AWS's 2023+ recommended pattern for signed S3-origin access.
  • Static export, not SSR; zero servers and no per-request logic. Fits a resume, not a SaaS.

The original site is preserved as a read-only static snapshot at /legacy/ for posterity; same domain, same bucket, no WordPress runtime involved.